From b426390abe8159fc368c77272425ffb791270dd9 Mon Sep 17 00:00:00 2001
From: "Adam D. Ruppe" <destructionator@gmail.com>
Date: Sat, 9 Mar 2019 12:00:41 -0500
Subject: [PATCH] sanity check on header size jic

---
 cgi.d | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/cgi.d b/cgi.d
index 56f547f..cedb5ad 100644
--- a/cgi.d
+++ b/cgi.d
@@ -384,6 +384,12 @@ int locationOf(T)(T[] data, string item) {
 	const(ubyte[]) d = cast(const(ubyte[])) data;
 	const(ubyte[]) i = cast(const(ubyte[])) item;
 
+	// this is a vague sanity check to ensure we aren't getting insanely
+	// sized input that will infinite loop below. it should never happen;
+	// even huge file uploads ought to come in smaller individual pieces.
+	if(d.length > (int.max/2))
+		throw new Exception("excessive block of input");
+
 	for(int a = 0; a < d.length; a++) {
 		if(a + i.length > d.length)
 			return -1;